This bug is filed as part of the FSF compatible licensing audit of Fedora:
Crypto-utils contains three pieces of code, with three different licenses:
- librand (AT&T BSD, OK)
- Makerand (GPL or Artistic, OK)
- keyrand (PGP license found here:
ftp://ftp.pgpi.org/pub/pgp/2.x/doc/pgpdoc2.txt, NOT OK)
The keyrand code is under the PGP license, which is pretty restrictive, and not
very open source compatible (it has restrictions on commercial use). Since
keyrand seems to be pretty pivotal for the other bits of crypto-utils, this
package should be removed from the distribution and CVS ASAP.

The user uses it! It's the only excuse for a cert generation tool we have.
I built -2.3-1 yesterday which replaces the PGP licensed stuff with a poor man's
keyrand I wrote from scratch, I just need to test this and it can go in.